R7000 Architecture and Advanced Setup

3 posts / 0 new
Last post
spacex
spacex's picture
R7000 Architecture and Advanced Setup

Almost every article I see here is either about the greatest update, or how to unbrick a router (me included).  Now onto setup.  Is there such a thing as a setup FAQ that explains what the individual choices in the dd-wrt gui mean?  Some are obvious and some depend upon knowing exactly which port is called by what hardware number and which internal bus is connected to which other ports. 

Logging into the router via Telnet and asking those questions is dealt with here:

https://dd-wrt.com/wiki/index.php/Switched_Ports

OK, then.  That information is supposed to tell me what to call things when I assign a port to be a VLAN.  However, the telnet information is different for each router.  Is there a diagram of my R7000 internal architecture to help me understand these numbers?

Thank you!

spaceX

spacex
spacex's picture
It is important to know what

It is important to know what to call stuff inside the router so your setup makes sense.  Some of the setup options in the dd-WRT GUI do not make sense.  Here are a few examples.

On the Setup/VLAN page we see that options for use of the 4 LAN ports and 1 WAN port are available.  Then there is the column "Assigned to bridge".  What does that column mean?  In the many existing articles it says that the 4 LAN ports are hard wired together to make VLAN 1 and delivered to the trunk port 5.  The WAN port is hard wired to the trunk port 5 and called VLAN 2.  So what is the function of "Assigned to Bridge"???  If I uncheck "Assigned to Bridge" on the WAN port, the firmware does not like it and re-checks the box. 

Let's say I want to tag the WAN port on VLAN 2.  I check the box, apply and reboot.  Moving along to the Setup/Networking page, what is going on with the TAG options?  The default TAG options list br0 as the default item to be tagged.  In my understanding a bridge cannot be tagged.  It is the ethernet packets that are tagged.  The drop-down options include et0 and et1, even though it appears that et0 is the name for the main trunk from the switch to the CPU, and that the VLAN from the WAN port is called VLAN 2.  Are there hidden bridges inside the switch that are not shown on the usual block diagrams?

Here is what I would like to do.  Isn't this a simple configuration?

LAN ports are all tied together on default VLAN 1, no tagging

WAN port is tagged on VLAN2, the default WAN port VLAN

DELETE the default bridge from Wireless to the LAN ports.  (Is this done on the Setup/VLAN page near the bottom - Wireless - LAN or Wireless -NONE???)

Establish a bridge from Wireless to the WAN port (internet access only).

My difficulty is knowing what the internal pieces are called.  Wireless to WAN bridge....br0, br1 ?  LAN and WAN bridges - what is this?

Thank you,

spaceX

spacex
spacex's picture
More important but boring

More important but boring questions.  VLANS are upsetting to us space cadets because they are usually only needed in commercial routing.  Unfortunately fiber providers have started using them to separate traffic in the home, such as internet, tv, phone service, etc...

Now the internet is full of idiotic questions about what to do with less complex retail routers.  Then there are the open source firmware problems.

What is the difference between a VLAN ID and a VLAN TAG?

If the two things are the same, is it correct to say that a VLAN TAG refers only to a packet that is being sent to or received from another device?

Referring only to GUI setup, dd-wrt can accept a VLAN TAG under its Setup/Network Tag option.  That number will create an NVRAM variable WAN_if that uses the internal WAN VLAN name, i.e. VLAN2 AND the tag number, which looks like this... VLAN2.TAG_NUMBER and may also create eth0.TAG_NUMBER which refers to the router's internal trunk - maybe.

Whereas in the Netgear factory firmware, the option is called a VID and creates an NVRAM variable that appears to create a fresh new VLAN number in the form VLAN_TAG_NUMBER.

Example: using a large tag number 201 such as the one we all know and love from Centurylink: router's internal WAN VLAN is 2.  Many think that TAG numbers are only 0 - 15, but the TAG area of the frame is 4 bytes and can go up to 4096.  dd-wrt WAN page shows WAN numbers up to 15, but Networking has a section for TAGGING.  What do we TAG in Networking - the WAN or LAN number, or the eth0 or br0 all of which are presented as possibilities???  So we must be talking about the limitations of the GUI here.

Once you enter VLAN2 TAG 201 in the Networking/TAG section, the dd-wrt Linux variable looks like VLAN2.201 and corresponding ethernet variable eth0.201.  Seems to make sense.

The Netgear factory firmware creates instead simply VLAN201 for the same NVRAM variable.  Interestingly, if you run: nvram show | grep vlan.*ports, you see  one of the ports is some high 4 digit number.  That is weird.

So here we come to the technical details.  Perhaps we have for internal use of the router the notation VLAN2.201 presented to the internal trunk.?  But the WAN port has to deal with VID 201 in the TAG sectioin of the packet.  Maybe. Which one is right?  What does the Linux OS need to do the job of accepting traffic from an external device TAGGED with some number such as 201?   And what variable does a Broadcom i.e. R7000 need to "TAG" or UNTAG external packets?  Did we create a VLAN with a high number such as VLAN201 (added to VLAN1 and VLAN2)??? Or, do we use internal notation and say we are sending and receiving traffic on VLAN2.201. ???  Does any of this matter?

Has any of this been resolved so that the GUI can set up WAN VLANS on the physical WAN port?  All this stuff is giving me a headache.  We have a developing situation, since more and more common non-networking-genius people have to deal with this setup.  Most people try every possible combination of settings and randomly stumble upon something that works.  Can we do better than this?

 

spaceX